cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2162
Views
18
Helpful
7
Replies

Bridge-mode VM

Sylvain_Che
Level 1
Level 1

Hello folks,

The "Bridge-Mode VM" feature is added on DNAC v2.3.3.

I would like to know what this feature is exactly used for? In which use-case we should use it?

What does DNAC apply to switches?

I read on User Guide that this feature has a relation with Wireless. Is it strictly related to Wireless? Or Wired also?

 

Thanks,

Sylvain.

1 Accepted Solution

Accepted Solutions

PabMar
Cisco Employee
Cisco Employee

Hi Sylvain,

Some details from the Release Notes.

PabMar_0-1675429164069.png

Use case:

- Wireless virtual machine clients running in bridge mode need to onboard cisco SD-access fabric.

- Currently, Wireless clients cannot program the host NIC to operate in promiscuous mode – as a result, network sees only the host MAC

Details of the feature:

- We are solving this use case by overriding the host mac with the source mac address of the virtual machine through DHCP (VM mac is visible only in DHCP).

- The Cisco DNA Center GUI lets you create an IP address pool for wireless with the Bridge Mode VM enabled.

Considerations:

- Wireless virtual machine clients should be running same IP Pool as host.

- This is supported only for IPv4.

- Guest web authentication redirect is not supported with bridge mode VM clients.

- Authentication/Enforcement is not supported on wireless virtual machines in bridge mode.

 

That's as much info as I have at the moment.

Hope it helps.

Regards.

View solution in original post

7 Replies 7

PabMar
Cisco Employee
Cisco Employee

Hi Sylvain,

Some details from the Release Notes.

PabMar_0-1675429164069.png

Use case:

- Wireless virtual machine clients running in bridge mode need to onboard cisco SD-access fabric.

- Currently, Wireless clients cannot program the host NIC to operate in promiscuous mode – as a result, network sees only the host MAC

Details of the feature:

- We are solving this use case by overriding the host mac with the source mac address of the virtual machine through DHCP (VM mac is visible only in DHCP).

- The Cisco DNA Center GUI lets you create an IP address pool for wireless with the Bridge Mode VM enabled.

Considerations:

- Wireless virtual machine clients should be running same IP Pool as host.

- This is supported only for IPv4.

- Guest web authentication redirect is not supported with bridge mode VM clients.

- Authentication/Enforcement is not supported on wireless virtual machines in bridge mode.

 

That's as much info as I have at the moment.

Hope it helps.

Regards.

Hi
doesnt purpose of feature sound a bit contradictory to "- Authentication/Enforcement is not supported on wireless virtual machines in bridge mode"?

Hello Andy, prior to this feature it was not possible to support bridge-network VMs on a wireless endpoint, so the feature has value in it's current form.

Release of the full functionality has been phased. MAB auth and policy (SGT) per wireless Bridge VM comes in DNAC 2.3.5.x + 17.10

Hi
just to be on the same page with feature purpose & cite from pabmar:
"Considerations:
...
- Authentication/Enforcement is not supported on wireless virtual machines in bridge mode."
does feature implement Authentication/Enforcement for wireless virtual machines or doesnt?

 

"does feature implement Authentication/Enforcement for wireless virtual machines or doesnt?"

It depends on which release you are asking about. In 2.3.3.x it does not. In 2.3.5.x (ETA APPROX March 2023) it will support MAB and SGT for the wireless bridge-network VMs. All authentication methods will be supported for the wireless VM host.

tnx. more or less clear

Sylvain_Che
Level 1
Level 1

Thank you @PabMar.

Review Cisco Networking for a $25 gift card